Out-of-Band Authentication

What Does Out-of-Band Authentication Mean?

Out of band authentication (OOBA) is a term for a process where authentication requires two different signals from two different networks or channels. These kinds of more sophisticated authentication prevent many kinds of fraud and hacking. Out-of-band authentication will effectively block many of the most common kinds of hacking and identity theft in online banking.


Techopedia Explains Out-of-Band Authentication

The essential idea behind out-of-band authentication is that by using two different channels, authentication systems can guard against fraudulent users that may only have access to one of these channels.

One of the most common examples of out-of-band authentication is in banking transactions. Typically, a customer wishing to do an online bank transaction will be sent an SMS message by cell phone with a password. This way, any hackers or identity thieves that have access through key loggers or other equipment will not be able to access that particular password, because it is sent over a 3G or 4G wireless network instead of being sent over the Internet. This type of authentication can be extremely effective as long as fraudulent operators haven’t somehow gained access to the user’s cell phone system as well. Sophisticated hacking that is able to access the SMS message and password is often called a man-in-the-middle attack. In general, a man-in-the-middle attack involves creating a dummy network that will trick the victim into thinking that it is a legitimate network. If the actor can intercept the user’s cell phone communications, it may be possible to overcome out-of-band authentication security protocols.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…